Abstract: An authentication apparatus includes a detection unit that detects whether or not communication with a portable storage medium storing identification information for identifying a user is able to be performed, a reading unit that reads identification information stored in the storage medium when the detection unit detects that the communication is able to be performed, a time counting unit that counts an elapsed time, a determination unit that determines whether or not the elapsed time counted by the time counting unit matches a predefined time for the identification information read by the reading unit, and an authentication unit that authenticates the storage medium with which the detection unit detects that the communication is able to he performed when the determination unit determines that the elapsed time counted by the time counting unit matches the predefined time.

Abstract: A system, apparatus, method, and machine readable medium are described for performing transaction signing within an authentication framework.

Abstract: This disclosure relates to methods and systems to allow, in one embodiment, automatic access from one system to other systems which include an operating system that includes a user login process. In one embodiment, a method includes logging into, automatically in response to starting a first data processing system, a second data processing system at least as a guest user of the second data processing system which has a storage volume storing data and displaying a user interface object on a display device of the first data processing system, the user interface object corresponding to at least one of the second data processing system and the storage volume to allow at least one of a search to be performed or a browsing to be performed of the data stored on the storage volume.

Abstract: Various techniques are provided for Location Services (LCS) Assistance Data broadcast, for example for implementation in LTE and LTE-A systems. The embodiments described herein may use the LPP/LPPe positioning protocol, by making use of existing unsolicited Provide Assistance Data (PAD) messages. Embodiments avoid the need to define and implement a separate broadcast Assistance Data protocol. Additional exemplary embodiments for scheduling and verifying of the broadcast Assistance Data messages are described herein.

Abstract: Computer system, method and program for managing authentication requests. At a gateway device to a network, packets of a message intended for said network are received. In response, fields within payloads of said packets which contain authentication or authorization information are read. In response, the message is redirected to an authentication server. In response to receipt of the redirected message from the gateway device, the authentication server determines that a requester who sent the message to the gateway device is authorized to access a target resource specified in the message and responds to the gateway device that the requester is authorized to access the target resource. In response, the gateway device responds to the requester that the requester is authorized to access the target resource.

Abstract: A first executable program on a computer system is enabled to exchange communications with a second executable program on the computer system by determining that the first executable program requests to exchange information with the second executable program, using the second executable program to challenge the first executable program for a digital certificate, and using the second executable program to exchange information with the first executable program when the digital certificate is verified.

Abstract: An electronic asymmetric unclonable function applied to an electronic system being evaluated includes an electronic system and an AUF array electronically associated with the electronic system. The AUF array includes a plurality of non-identical cells. Each of the non-identical cells includes a test element representing a characteristic of the electronic system being evaluated and a measurement device evaluating the test element. A comparison unit processes an output of the measurement device to provide a multi-bit output value representing a magnitude of differences.

Abstract: Techniques for providing data security services with respect to cloud-based services are described. Examples include a security service provider (“SSP”) configured to perform or provide one or more security-related services or functions with respect to or on behalf of some other system or service. The other system or service may be, for example, a cloud-based system that provides network-accessible services. The SSP allows a user of the cloud-based service to provide and manage one or more security-related services, such as data storage, encryption, decryption, key management, and the like. By using and controlling the SSP, the user can be confident that his or her data is being securely represented and stored, even though it is being operated upon by a cloud-based service that is not under the user's control.

Abstract: A method is provided for generating a human readable passcode to an authorized user including providing a control access datum and a PIN, and generating a unique machine identifier for the user machine. The method further includes modifying the controlled access datum, encrypting the controlled access datum using the PIN and/or a unique machine identifier to camouflage the datum, and generating a passcode using the camouflaged datum and the PIN and/or the unique machine identifier. A mobile user device may be used to execute the method in one embodiment. The passcode may be used to obtain transaction authorization and/or access to a secured system or secured data. The unique machine identifier may be defined by a machine effective speed calibration derived from information collected from and unique to the user machine.

Abstract: Electronic electricity meter with integrated digital-certification mechanism for secure communication, comprising current sensors, voltage sensors, electronic circuit for conditioning the current signals and voltage signals in the electrical levels required by the processing unit, processing unit able to continuously sample the current signals and voltage signals provided by the circuit and that reflect, using a known ratio, the real value of the current and voltage delivered to the meter connection terminals, the processing unit calculates the active and passive through energy and determines the energy values to be counted, and a communication unit, linked to the processing unit, which uses a digital data protocol and a physical interface to communicate with the world outside the meter, and a processing unit with digital certification functions located between the processing unit and the communication unit.

Abstract: Multiple transform utilization and applications for secure digital watermarking. In one embodiment of the present invention, digital blocks in digital information to be protected are transformed into the frequency domain using a fast Fourier transform. A plurality of frequencies and associated amplitudes are identified for each of the transformed digital blocks and a subset of the identified amplitudes is selected for each of the digital blocks using a primary mask from a key. Message information is selected from a message using a transformation table generated with a convolution mask. The chosen message information is encoded into each of the transformed digital blocks by altering the selected amplitudes based on the selected message information.

Abstract: Multiple transform utilization and applications for secure digital watermarking In one embodiment of the present invention, digital blocks in digital information to be protected are transformed into the frequency domain using a fast Fourier transform. A plurality of frequencies and associated amplitudes are identified for each of the transformed digital blocks and a subset of the identified amplitudes is selected for each of the digital blocks using a primary mask from a key. Message information is selected from a message using a transformation table generated with a convolution mask. The chosen message information is encoded into each of the transformed digital blocks by altering the selected amplitudes based on the selected message information.

Abstract: In an embodiment, a data transmitting device may be provided. The data transmitting device may include a ciphering method selector configured to select a ciphering method based on a type of data to be transmitted. The data transmitting device may further include a ciphering circuit configured to cipher the data based on the selected ciphering method. The data transmitting device may further include a transmitter configured to transmit the ciphered data to a data receiving device.

Abstract: An electronic asymmetric unclonable function applied to an electronic system being evaluated includes an electronic system and an AUF array electronically associated with the electronic system. The AUF array includes a plurality of non-identical cells. Each of the non-identical cells includes a test element representing a characteristic of the electronic system being evaluated and a measurement device evaluating the test element. A comparison unit processes an output of the measurement device to provide a multi-bit output value representing a magnitude of differences.

Abstract: Methods are disclosed for improving security of computer software and preventing potential attackers from gaining control of computer software via function pointer overwrite attacks. One or more additional layers of complexity may be imposed that would have to be circumvented in order to gain execution control over portions of software. One or more function pointers can be encoded using a value that may be generated on program initialization and decoded before any dynamic function call occurs. In the event of memory corruption that affects an encoded function pointer, the value will cause the destination of the function pointer to decode to an invalid and random address and will induce an error. An application may be prevented from calling an attacker corrupted function pointer by introducing various checks around the call point at compile time that check the validity of the destination to which the function pointer points.

Abstract: A method is disclosed for providing physical access credentials to a client device. The method may include receiving a request for a physical access credential, where the first request includes at least one user access credential and at least one physical access point identifier. The method may also include determining whether the request should be granted based at least in part on the at least one user access credential. The method may further include, in response to determining that the request should be granted, sending the physical access credential associated with the physical access point.

Abstract: The present invention relates to a method and a system for authentication processing, a 3rd Generation Partnership Project (3GPP) Authentication, and Authorization Accounting (AAA) server, and a User Equipment (UE). The method includes: receiving an authentication request message that carries authentication mode indication information; determining an authentication mode according to the authentication mode indication information; and performing authentication processing according to the authentication mode. The system for authentication processing includes the 3GPP AAA server and a network device which enables the UE to access the 3GPP AAA server through the network device.

Abstract: Embodiments include methods, apparatus, and systems for managing host logins to storage systems.

Abstract: This disclosure addresses systems and methods for the protection of proprietary information by monitoring operational watermarks of an apparatus. A monitoring device may receive logical or physical watermark data from a defended apparatus. Watermark data may include any operational or environmental variable related to the defended apparatus. The monitoring device may maintain a baseline profile for the defended apparatus that includes watermark data. During monitoring of the defended apparatus by the monitor device, changes in the watermark data may be analyzed to determine if the baseline should be dynamically updated, or if the change indicates an anomaly. Anomalies may indicate an attempt to tamper with the defended apparatus. In response to the change that indicates an anomaly, the monitoring device may scrub the contents of the defended apparatus. In an embodiment, the monitoring device may also scrub its own memory in response to an anomaly.

Abstract: A secure voice solution for a PDA-type device is provided. Voice data is received from the user using the device microphone and built- in media player software in the device. This data is encrypted and sent as an IP packet. The device then receives, as IP packets, encrypted voice communication from the other party in the encrypted call, which in turn are decrypted in the device and played back on a second media player running on the device. The present invention takes advantage of the device's ability to run two media players simultaneously to in effect, simulate a cellular telephone call. As a result, an encrypted call can be made with PDA-type devices such as the Blackberry® and also such calls can be made using different data paths (cellular, WiFi, Bluetooth) as the calls are made by sending and receiving data over the Internet, not as traditional cellular data signals.